hedgequantx 2.5.9 → 2.5.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hedgequantx",
-  "version": "2.5.9",
+  "version": "2.5.10",
   "description": "HedgeQuantX - Prop Futures Trading CLI",
   "main": "src/app.js",
   "bin": {

package/src/menus/ai-agent.js

@@ -174,9 +174,17 @@ const showExistingTokens = async () => {
   const spinner = ora({ text: 'VALIDATING TOKEN...', color: 'cyan' }).start();
   
   try {
-    // Validate the token
-    const credentials = { apiKey: selectedToken.token };
-    const validation = await aiService.validateConnection(selectedToken.provider, 'api_key', credentials);
+    // Validate the token - include metadata from scanner
+    const credentials = { 
+      apiKey: selectedToken.token,
+      sessionKey: selectedToken.token,
+      accessToken: selectedToken.token,
+      fromKeychain: selectedToken.sourceId === 'secureStorage' || selectedToken.sourceId === 'keychain',
+      subscriptionType: selectedToken.subscriptionType,
+      refreshToken: selectedToken.refreshToken,
+      expiresAt: selectedToken.expiresAt
+    };
+    const validation = await aiService.validateConnection(selectedToken.provider, selectedToken.type, credentials);
     
     if (!validation.valid) {
       spinner.fail(`TOKEN INVALID OR EXPIRED: ${validation.error}`);

package/src/services/ai/index.js

@@ -150,11 +150,54 @@ const validateConnection = async (providerId, optionId, credentials) => {
 // Validation functions for each provider
 const validateAnthropic = async (credentials) => {
   try {
+    const token = credentials.apiKey || credentials.sessionKey || credentials.accessToken;
+    
+    // Check if it's an OAuth token (sk-ant-oat...) vs API key (sk-ant-api...)
+    const isOAuthToken = token && token.startsWith('sk-ant-oat');
+    
+    if (isOAuthToken) {
+      // OAuth tokens use Bearer auth and claude.ai endpoint
+      const response = await fetch('https://api.claude.ai/api/organizations', {
+        method: 'GET',
+        headers: {
+          'Authorization': `Bearer ${token}`,
+          'Content-Type': 'application/json',
+          'User-Agent': 'HQX-CLI/1.0'
+        }
+      });
+      
+      if (response.ok) {
+        return { valid: true, tokenType: 'oauth', subscriptionType: credentials.subscriptionType || 'max' };
+      }
+      
+      // Try alternate endpoint
+      const altResponse = await fetch('https://claude.ai/api/auth/session', {
+        method: 'GET',
+        headers: {
+          'Authorization': `Bearer ${token}`,
+          'Cookie': `sessionKey=${token}`
+        }
+      });
+      
+      if (altResponse.ok) {
+        return { valid: true, tokenType: 'oauth', subscriptionType: credentials.subscriptionType || 'max' };
+      }
+      
+      // For OAuth tokens from Keychain, trust them without validation
+      // since the Keychain already verified the user
+      if (credentials.fromKeychain) {
+        return { valid: true, tokenType: 'oauth', subscriptionType: credentials.subscriptionType || 'max', trusted: true };
+      }
+      
+      return { valid: false, error: 'OAuth token expired or invalid' };
+    }
+    
+    // Standard API key validation
     const response = await fetch('https://api.anthropic.com/v1/messages', {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
-        'x-api-key': credentials.apiKey || credentials.sessionKey,
+        'x-api-key': token,
         'anthropic-version': '2023-06-01'
       },
       body: JSON.stringify({
@@ -165,7 +208,7 @@ const validateAnthropic = async (credentials) => {
     });
     
     if (response.ok) {
-      return { valid: true };
+      return { valid: true, tokenType: 'api_key' };
     }
     
     const error = await response.json();